Autoremediation just works for certain parts, like (some) outdated antivirus product can be triggered for updates, forbidden processes may be killed, but I don't think that works for registry keys. As well I would be careful in changing registry keys and leave that to Group Policies or other device management.
You can probably create a custom script to test and modify the registry and use that in OnGuard to achieve the same.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Feb 21, 2024 08:29 AM
From: hoovera
Subject: OnGuard Registry Keys Auto Remediation
I am trying to create a Windows posture policy that checks for the presence of a registry entry with certain data. If the entry is not present or is incorrect, I want OnGuard to remediate it immediately.
I have set up the Registry Keys check in the posture policy and can verify that the check is working. I have checked "Auto Remediation", but nothing seems to happen that changes the registry key.
Is there a step that I am missing? The documentation I am reading here just says "Auto Remediation: Select this option to allow auto-remediation for processes." without saying anything else about it.